ec2: support PrefixList.fromLookup() #33606

Open
1 of 2 tasks
Tietew opened this issue Feb 27, 2025 · 1 comment · May be fixed by #33619
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2

Comments

@Tietew
Contributor

Tietew commented Feb 27, 2025

Describe the feature

AWS-managed prefix lists are listed in AWS documentation.
https://docs.aws.amazon.com/vpc/latest/userguide/working-with-aws-managed-prefix-lists.html

But the PrefixListId differs per region and account.
We should copy & paste the ID from the AWS console or CLI output.

Use Case

For example, this is useful when an ALB needs to allow HTTP(S) connections from CloudFront only.

// PrefixList.fromLookup() is the API proposed in this issue.
const plCloudFront = ec2.PrefixList.fromLookup(this, 'CloudFrontPrefixList', {
  prefixListName: 'com.amazonaws.global.cloudfront.origin-facing',
});
// Allow HTTPS to the ALB only from the CloudFront origin-facing prefix list.
alb.connections.allowFrom(ec2.Peer.prefixList(plCloudFront.prefixListId), ec2.Port.HTTPS);

Proposed Solution

The CloudControl context provider may query a prefix list by name.

PoC code:

ContextProvider.getValue(scope, {
  provider: cxschema.ContextProvider.CC_API_PROVIDER,
  props: {
    typeName: 'AWS::EC2::PrefixList',
    propertyMatch: {
      PrefixListName: 'com.amazonaws.global.cloudfront.origin-facing',
    },
    propertiesToReturn: ['PrefixListId'],
  },
})

By CLI:

$ aws cloudcontrol list-resources --type-name 'AWS::EC2::PrefixList' | jq '.ResourceDescriptions[]|select((.Properties|fromjson).PrefixListName=="com.amazonaws.global.cloudfront.origin-facing")'
{
  "Identifier": "pl-xxxxxxxx",
  "Properties": "{\"OwnerId\":\"AWS\",\"PrefixListId\":\"pl-xxxxxxxx\",...}"
}

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CDK version used

2.180.0

Environment details (OS name and version, etc.)

N/A

@Tietew Tietew added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Feb 27, 2025
@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Feb 27, 2025
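
The CLI lookup in the issue above, written as a fail-closed resolver (an added example, not code from the issue or from the CDK project). `resolvePrefixListId`, its `expectedOwner` parameter, the ID pattern and the sample data are assumptions constructed for illustration; the response shape follows the CLI output shown above.

```typescript
// Shape of `aws cloudcontrol list-resources` output, as shown in the issue.
interface ResourceDescription { Identifier: string; Properties: string; }
interface ListResourcesOutput { ResourceDescriptions: ResourceDescription[]; }

// Hypothetical helper (not a CDK API): resolve exactly one prefix list ID by name.
function resolvePrefixListId(out: ListResourcesOutput, name: string, expectedOwner = 'AWS'): string {
  const ids: string[] = [];
  for (const rd of out.ResourceDescriptions) {
    // Properties is a JSON-encoded string, so it has to be parsed a second time.
    const props: Record<string, unknown> = JSON.parse(rd.Properties);
    // Exact match only: a substring match could select a different list.
    if (props['PrefixListName'] !== name) continue;
    // Fail closed when the list is not owned by the expected principal.
    if (props['OwnerId'] !== expectedOwner) {
      throw new Error(`prefix list ${name} is owned by ${String(props['OwnerId'])}, expected ${expectedOwner}`);
    }
    const id = props['PrefixListId'];
    // Assumed ID shape: "pl-" followed by lowercase hex digits.
    if (typeof id !== 'string' || !/^pl-[0-9a-f]+$/.test(id)) {
      throw new Error(`unexpected PrefixListId for ${name}`);
    }
    ids.push(id);
  }
  // Zero or several matches must not silently pick a list for a security group rule.
  if (ids.length !== 1) {
    throw new Error(`expected exactly one prefix list named ${name}, found ${ids.length}`);
  }
  return ids[0] as string;
}

// Constructed sample response (IDs and account number are made up).
const sampleOutput: ListResourcesOutput = {
  ResourceDescriptions: [
    { Identifier: 'pl-0aaaaaaaaaaaaaaa1', Properties: JSON.stringify({
      OwnerId: 'AWS', PrefixListId: 'pl-0aaaaaaaaaaaaaaa1',
      PrefixListName: 'com.amazonaws.global.cloudfront.origin-facing' }) },
    { Identifier: 'pl-0bbbbbbbbbbbbbbb2', Properties: JSON.stringify({
      OwnerId: 'AWS', PrefixListId: 'pl-0bbbbbbbbbbbbbbb2',
      PrefixListName: 'com.amazonaws.us-east-1.s3' }) },
    { Identifier: 'pl-0ccccccccccccccc3', Properties: JSON.stringify({
      OwnerId: '111122223333', PrefixListId: 'pl-0ccccccccccccccc3',
      PrefixListName: 'office-egress' }) },
  ],
};
```
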
@pahud
Contributor

pahud commented Feb 27, 2025

Hello @Tietew,

Thank you for submitting this feature request. This is indeed a useful addition to the CDK EC2 module that would improve the developer experience when working with AWS-managed prefix lists.

Since you've indicated you may be able to implement this feature, we'd be happy to guide you through the process:

  1. The implementation would need to:

    • Add a new fromLookup static method to the PrefixList class
    • Create appropriate interfaces for the lookup options
    • Implement the CloudControl context provider pattern similar to your proof of concept
    • Add appropriate tests
  2. For inspiration, you might want to look at similar lookup implementations in the CDK codebase, such as:

    • Vpc.fromLookup()
    • HostedZone.fromLookup()

If you're interested in proceeding with a PR, please let us know, and we'll be happy to provide more specific guidance if needed.

Thanks again for your contribution to making the CDK better!

@pahud pahud added p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Feb 27, 2025
@Tietew Tietew linked a pull request Feb 28, 2025 that will close this issue